Open Jack-Works opened 4 years ago
👍 isSecureContext
that is a good one.
I agree with the sentiment but we have a nasty problem:
Everybody tests locally then deploys to production, if it isn't on http
everything goes "kaboom" silently, dev may never notice cause they always go to https
but users don't always.
We've caught at least 3+ major incidents as a result of forcibly redirecting, the worst thing that happens is complaining "why" here, but not redirecting leads to massively silently broken sites. If somebody doesn't have https
certs then this unavoidably notifies them. A console.log etc. warnings are not good enough, they go unseen 90%+ of the time.
Any other alternative options?
https://github.com/amark/gun/blob/97aa976c97e6219a9f93095d32c220dcd371ca62/sea.js#L39
Please don't jump to https automatically! This is a library, not an application, you should not do things like this.
Also, you forget to check
127.0.0.1
.Finally, the correct way to detect if WebCrypto is available is
window.isSecureContext
, https://developer.mozilla.org/en-US/docs/Web/API/Window/isSecureContext